Path apologizes, offers opt-out for address book uploading

Social networking app Path issued an apology through its blog on Wednesday for the implementation of a back-end "feature" that uploaded a user's iPhone contacts list to the company's servers, and released an update to remedy the problem with new opt-in/opt-out settings.

On Tuesday, Developer Arun Thampi discovered that the Path app was uploading user contacts in an unseen background task, which triggered a subsequent deluge of criticism from those who viewed the action as a privacy violation.

Path claims that the data upload was meant to streamline the app's "Add Friends" feature, not to horde sensitive information:

Quote:

We are sorry.

We made a mistake. Over the last couple of days users brought to light an issue concerning how we handle your personal information on Path, specifically the transmission and storage of your phone contacts.

As our mission is to build the world’s first personal network, a trusted place for you to journal and share life with close friends and family, we take the storage and transmission of your personal information very very seriously.

Through the feedback we’ve received from all of you, we now understand that the way we had designed our ‘Add Friends’ feature was wrong. We are deeply sorry if you were uncomfortable with how our application used your phone contacts.

The letter goes on to explain that the information gathered is used to improve the quality of friend suggestions and to notify users when a contact joins Path. The data transfers are also encrypted and stored on "servers using industry-standard firewall technology."

In response to the public outcry, Path has erased all user-uploaded contact information in concert with the release of an updated version of the software that prompts users to select whether they want to opt in to sharing contacts.

Path has released an updated version to fix privacy issue. | Source: Path

If they really want us to trust them, shouldn't they make this an opt-IN service, rather than opt-out? I shouldn't have to hunt for a setting inside the app to turn something like this off, it should explicitly ask me to turn it on.

If they really want us to trust them, shouldn't they make this an opt-IN service, rather than opt-out? I shouldn't have to hunt for a setting inside the app to turn something like this off, it should explicitly ask me to turn it on.

Exactly. This exposes a enormous problem with Apple's procedures if an application can get approved while doing something like this.

From what little I have seen on this incident, Apple seems to be getting a pass in the coverage and I don't understand why. Has any person/site covering this asked Apple about what went wrong and what are they planning to do to prevent something like this in the future?

I heard an iOS developer talking about how easy it is to get bad behavior around Apple's approval process. He said that all he has to do is have the app check for a date past the time Apple would have approved the app. Once that date arises, the app would then go out to his web site and get instructions that would change its behavior. The developer indicated he is already using this technique to collect data that Apple wouldn't normally allow.

Walled garden indeed.

-kpluck

Do you use MagicJack?

The default settings will automatically charge your credit card each year for service renewal. You will not be notified or warned in anyway. You can turn auto renewal off.

Exactly. This exposes a enormous problem with Apple's procedures if an application can get approved while doing something like this.

From what little I have seen on this incident, Apple seems to be getting a pass in the coverage and I don't understand why. Has any person/site covering this asked Apple about what went wrong and what are they planning to do to prevent something like this in the future?

I heard an iOS developer talking about how easy it is to get bad behavior around Apple's approval process. He said that all he has to do is have the app check for a date past the time Apple would have approved the app. Once that date arises, the app would then go out to his web site and get instructions that would change its behavior. The developer indicated he is already using this technique to collect data that Apple wouldn't normally allow.

Walled garden indeed.

-kpluck

I wish Apple would catch these offenders automatically—let the arms race begin!--but neither Apple nor Google does so at present. At the same time, Apple never promised to make this abuse impossible: their policy is simply to disallow it, but it must first be caught.

This isn’t the first nor last instance, just a high profile one.

I do think they deserved to be kicked off the App Store even AFTER this fix. That "feels" fair! However, any developer might make a mistake, so that’s a bad policy for Apple to set: imagine if your favorite app accidentally sent data even if you opted out. It should be fixed or get pulled by Apple—and I’m glad fixing it is an option. Punishing the company after the fix would also punishes its users.

Too bad, because Path 2.0 was a vast improvement over the original version; it was actually fun to use.

I'm all for giving this company another chance -- in time. But it won't be with my data. I'm still waiting for the final e-mail confirming my Path.com account has been permanently deleted.

As punishment, Apple should ban this company's apps from the App Store for one year and institute a resubmission fee for the banned app, like $10,000 to cover increased monitoring costs during a three-year probationary period. In addition, Apple should stipulate that account deletion be possible from the app itself. Currently, there is no way to delete an account on their website apart from sending an e-mail to their customer service inbox.

That would send a far stronger message to other app developers about respecting the privacy of user data.

I wish Apple would catch these offenders automaticallylet the arms race begin!--but neither Apple nor Google does so at present. At the same time, Apple never promised to make this abuse impossible: their policy is simply to disallow it, but it must first be caught.

This isnt the first nor last instance, just a high profile one.

I do think they deserved to be kicked off the App Store even AFTER this fix. That "feels" fair! However, any developer might make a mistake, so thats a bad policy for Apple to set: imagine if your favorite app accidentally sent data even if you opted out. It should be fixed or get pulled by Appleand Im glad fixing it is an option. Punishing the company after the fix would also punishes its users.

Apple makes point and touts that they examine all the apps that they approve. So either they knew about path copying the entire contacts of users or they were negligent.
Wall Garden Failed. More bricks on the wall

It's just not credible to me, that they put this feature in, and the privacy implications never occurred to anyone. And I am a person who gives people the benefit of the doubt by inclination. Unless they outsourced development to another country where people have different values, and it didn't even occur to them that people might mind.

Great to see the howling crowd at it. Too bad there is no nigger to be hung, heh?

Sometimes, you people are despicable.

Suddenly, everyone's a dev company, with years of experience in management of men AND complete understanding of Apple processes? Come on. Those guys MAY have tried to play un-nice. They also may have made a honest mistake. It's Apple's to decide. Don't burn the guys yet.

This is not Mississippi, 1830. There is a legal system. There are rules in place. And by the way, how many of you buy games at EA and Sony? If you're SO DISTRAUGHT by such "horrible practices", shun them (the bigger, multibillion companies) first. Sue them. Don't just go with the crowd.

Social Capitalist, dreamer and wise enough to know I'm never going to grow up anyway... so not trying anymore.

It's just not credible to me, that they put this feature in, and the privacy implications never occurred to anyone. And I am a person who gives people the benefit of the doubt by inclination. Unless they outsourced development to another country where people have different values, and it didn't even occur to them that people might mind.

And of course, you perfectly understand all the programming in the app, since the source is open and you know Objective-C? You also know exactly how competitors apps work, since they're also opensource?
Gimme a break.

Social Capitalist, dreamer and wise enough to know I'm never going to grow up anyway... so not trying anymore.

Apple makes point and touts that they examine all the apps that they approve. So either they knew about path copying the entire contacts of users or they were negligent.
Wall Garden Failed. More bricks on the wall

Apple doesn't. They have some automated tests and some human screening. They can't just test everything or they'd need human readers to go through the source of everything, which would raise monopoly issues. Imagine if Microsoft demanded access to the source of every Windows program ever made to authorize it to run?

Social Capitalist, dreamer and wise enough to know I'm never going to grow up anyway... so not trying anymore.

And of course, you perfectly understand all the programming in the app, since the source is open and you know Objective-C? You also know exactly how competitors apps work, since they're also opensource?
Gimme a break.

I don't need to know the source code of their app, since the API is the same for everyone (and it's straight C by the way, not Objective-C).

There is simply no way to iterate through someone's address book, serialise all their contacts in to a form suitable for transmission across the wire, transmit it, have a service set up at the other end to receive it (with appropriate infrastructure and database behind it), and do all that accidentally.

The phone developer must have known, the DBA must have known, and the project manager who tracked their activities and budgeted for the server infrastructure must have known.

Given all that, it is not likely an accident, but a choice on their part.

Question: who's Arun Thampi. Why was he reverse engineering that software without permission? Doesn't that actually break the law?

As it stands now, Thampi is a bit of a hero (small h). If not for him, Path would have continued this practice. Their mea culpa is not 100% voluntary. Dave Morin debated quite a while to justify what they did.

Great to see the howling crowd at it. Too bad there is no nigger to be hung, heh?

Sometimes, you people are despicable.

Suddenly, everyone's a dev company, with years of experience in management of men AND complete understanding of Apple processes? Come on. Those guys MAY have tried to play un-nice. They also may have made a honest mistake. It's Apple's to decide. Don't burn the guys yet.

This is not Mississippi, 1830. There is a legal system. There are rules in place. And by the way, how many of you buy games at EA and Sony? If you're SO DISTRAUGHT by such "horrible practices", shun them (the bigger, multibillion companies) first. Sue them. Don't just go with the crowd.